Overview:

Against cyber threats, knowledge is power

To anticipate and respond to sophisticated cyber attacks, you need to understand attacker motivations, intentions, characteristics, and methods. You can mitigate risk, bolster incident response efforts and enhance your overall security by understanding who is most likely to attack you, what they want, why they want it and how they plan to get it.

High-value intelligence

Relevant, actionable intelligence tailored to your security mission
Modern cyber attackers are sophisticated, well-funded, well-organized and use highly-targeted techniques that leave technology-only security strategies exposed. To identify and stop attackers, organizations need to understand how they think, how they work, and what they want. But most organizations rely solely on legacy, signature-based intelligence feeds that provide a false sense of safety. Those types of intelligence cannot help anticipate attacks or guide responses.

Only FireEye iSIGHT Threat Intelligence combines outward-looking adversary intelligence with best-of-breed breach victim and machine-based intelligence for a full 360° view of proliferating threats before, during and after attacks.

The FireEye threat intelligence advantage

FireEye intelligence is unique in the industry. Our team of more than 150 security researchers and experts from around the globe draws upon decades of intelligence experience to transform raw information into finished intelligence. We combine human analytics with a technical data collection platform to provide actual threat insights and understand the tactics, techniques, and procedures (TTPs) used by specific threat actors.

The result? We have an unmatched view across adversaries, victims, and networks worldwide that enables us to give you visibility into the entire lifecycle of an extended cyber attack from initial reconnaissance to exfiltration.

Features:

Response to the Threat Environment

Organizations continue to fight an asymmetric battle on the cyber front. Attackers are sophisticated, well-funded, well-organized and use highly targeted techniques. Security teams routinely struggle to understand which cyber threats pose the greatest risk to them and how to prioritize those they discover.

Most organizations stake their security efficacy on legacy, signature-based tactical intelligence feeds that can’t anticipate attacks or provide context to guide response. Instead, these feeds increase alert volumes with false positives that make it nearly impossible to detect attacks and provide a false sense of security. The right threat intelligence can help organizations improve detection and response capabilities and business efficiencies.

Rich context to mitigate threats
FireEye iSIGHT Threat Intelligence is unique in the industry. It is developed by more than 150 FireEye security researchers and experts around the globe who apply decades of experience to deliver knowledge about adversaries and their motivations, intentions and methods. They help organizations:

Proactively assess and manage the risks that are relevant

Detect and prevent attacks

Build attack context for the alerts that they face Threat Intelligence is mainly derived from three areas:

Deep within the attacker’s development environment before attacks are even launched

First responders to the world’s most advanced cyber threats

MVX-driven technology that identifies never-before seen attacks By providing comprehensive intelligence that is immediately actionable, organizations can better manage their risk and response to today’s attacks.

Standalone Threat Intelligence

FireEye iSIGHT Threat Intelligence can be integrated with any FireEye security solution as well as with any of your existing infrastructure and tools. It is a comprehensive offering that provides tactical, operational and strategic intelligence. It goes beyond the basic information that data feeds provide and adds the forward-looking and highly contextual information you need to build proactive defenses, prioritize alerts and resources and improve incident response.

It includes various consumable intelligence streams as well as direct access to analysts and dedicated client support. Intelligence is available in:

Intelligence can be tailored to the role or function of the personnel using it, empowering both mature and growing security teams with critical context on the intents and activities of their attackers. FireEye iSIGHT Threat Intelligence subscriptions can be customized across these five functional use cases: tactical, operational, fusion, executive and vulnerability.

Dynamic Threat Intelligence (DTI)

This intelligence facilitates unsurpassed detection with machine learning and analytics that codify attacker intent and tactics, techniques and procedures (TTPs) through the FireEye Multi-Vector Virtual Execution (MVX) engine. DTI provides hourly updates to ensure that your organization is finding the most recent attacks FireEye has seen across its global network of customers.

Advanced Threat Intelligence (ATI)

When FireEye detects an attack ATI provides the context required to prioritize resources and develop an appropriate response. Available intelligence includes who the associated threat actor is, what their likely motives are, industry and global views, information about the malware and other indicators that can be used to search for the attackers in your environment.

How FireEye threat intelligence is different
The FireEye iSIGHT Threat Intelligence portfolio provides extensive insight into adversaries and their motivations, intentions and methods:

Deep and broad visibility into the extended attack lifecycle and attacker’s motives, tools and procedures. Early visibility and access to information on the latest and most sophisticated threats from hundreds of embedded analysts deep within the adversary’s development ecosystem, decade long visibility at the front lines of major cyber attack investigations and a global network of sixteen million virtual threat detection nodes through codified understanding of the attacker intent.

Flexible and scalable analysis engine to track an everevolving attacker. 125+ million node mathematical graph database that dynamically models the relationships between the tools and tactics cyber threat groups use, the operations they conduct and their sponsors.

Subject matter experts from diverse domains who rigorously track and analyze the financial and political dimensions of over 16,000 cyber threats worldwide.

With this type of threat intelligence security teams shrink the attack surface and move from a resource intensive, alert- reactive security posture to a proactive one that addresses threats significantly more effectively and efficiently.